import frida
from angrdbg import *
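class RemoteFile(object):
    """Minimal file-like view over memory read through a debugger backend.

    angrdbg expects an ``input_file()`` object it can ``read`` and ``seek``
    on; this adapter serves those calls from ``dbg.get_bytes`` starting at
    ``base`` and tracks the current offset in ``pos``.
    """

    def __init__(self, dbg, name, base):
        self.dbg = dbg      # backend exposing get_bytes(addr, size)
        self.name = name    # identity used by __eq__ / __hash__
        self.base = base    # address the "file" starts at
        self.pos = 0        # current read offset, relative to base

    def __eq__(self, o):
        # Two remote files are equal when they carry the same name; anything
        # without a ``name`` attribute compares unequal. Only AttributeError is
        # caught so unrelated errors are no longer silently swallowed.
        try:
            return self.name == o.name
        except AttributeError:
            return False

    def __hash__(self):
        # Defining __eq__ alone makes instances unhashable in Python 3; keep
        # hashing consistent with the name-based equality above.
        return hash(self.name)

    def read(self, size):
        """Return ``size`` bytes at the current offset and advance past them."""
        v = self.dbg.get_bytes(self.base + self.pos, size)
        self.pos += size
        return v

    def seek(self, pos):
        """Move the read offset to ``pos`` (relative to ``base``) and return it."""
        self.pos = pos
        return pos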
class FridaDebugger(Debugger):
    """angrdbg ``Debugger`` backed by a Frida session.

    Only memory reads and the input-file / image-base queries are served,
    all of them through the exported functions of the injected script
    (``api``). Every other part of the ``Debugger`` contract -- memory
    writes, registers, execution control, segment lookup and symbol
    resolution -- raises ``NotImplementedError``.
    """

    name = "frida"

    def __init__(self, session, api):
        self.session = session
        self.api = api
        # Memory readers are forwarded straight to the script exports.
        self.get_byte = api.get_byte
        self.get_word = api.get_word
        self.get_dword = api.get_dword
        self.get_qword = api.get_qword
        self.get_bytes = api.get_bytes

    # --- state snapshot hooks (no-ops) ---------------------------------

    def before_stateshot(self):
        """Nothing to prepare before angrdbg captures a state."""
        return None

    def after_stateshot(self, state):
        """Nothing to clean up after a state snapshot."""
        return None

    # --- liveness ------------------------------------------------------

    def is_active(self):
        """Not supported by this backend."""
        raise NotImplementedError()

    # --- binary identity ----------------------------------------------

    def input_file(self):
        """Return a ``RemoteFile`` over the AOT module; the file will be closed after a read."""
        base = self.api.get_aot_module_addr()
        return RemoteFile(self, "_aot_", base)

    def image_base(self):
        """Return the load address of the AOT module as reported by the agent."""
        return self.api.get_aot_module_addr()

    # --- memory writes (read-only backend) ------------------------------

    def put_byte(self, addr, value):
        raise NotImplementedError()

    def put_word(self, addr, value):
        raise NotImplementedError()

    def put_dword(self, addr, value):
        raise NotImplementedError()

    def put_qword(self, addr, value):
        raise NotImplementedError()

    def put_bytes(self, addr, value):
        raise NotImplementedError()

    # --- registers -----------------------------------------------------

    def get_reg(self, name):
        raise NotImplementedError()

    def set_reg(self, name, value):
        raise NotImplementedError()

    # --- execution control ---------------------------------------------

    def step_into(self):
        raise NotImplementedError()

    def run(self):
        raise NotImplementedError()

    def wait_ready(self):
        raise NotImplementedError()

    def refresh_memory(self):
        raise NotImplementedError()

    # --- segments ------------------------------------------------------

    def seg_by_name(self, name):
        raise NotImplementedError()

    def seg_by_addr(self, name):
        # NOTE(review): the parameter is called ``name`` but, going by the
        # method's name, callers pass an address; kept as-is for signature
        # compatibility.
        raise NotImplementedError()

    def get_got(self):
        """Return tuple(start_addr, end_addr) of the GOT -- unsupported here."""
        raise NotImplementedError()

    def get_plt(self):
        """Return tuple(start_addr, end_addr) of the PLT -- unsupported here."""
        raise NotImplementedError()

    # --- symbols -------------------------------------------------------

    def resolve_name(self, addr):
        """Return the symbol name for ``addr`` (None on fail) -- unsupported here."""
        raise NotImplementedError()
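def init(session):
    """Load the Frida agent into ``session`` and register it with angrdbg.

    Reads ``fridangr.js`` relative to the current working directory, injects
    it into the attached process, and exposes its exports as the memory-access
    API of a ``FridaDebugger``.

    Raises:
        OSError: if ``fridangr.js`` cannot be opened.
    """
    # The script's contents are executed inside the attached process, so its
    # integrity matters; read it with an explicit encoding rather than the
    # locale default so the injected source is the same on every host.
    with open("fridangr.js", encoding="utf-8") as code:
        source = code.read()
    script = session.create_script(source)
    script.load()
    register_debugger(FridaDebugger(session, script.exports))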
def test():
    """Attach to the process named "test" and set up the Frida debugger."""
    init(frida.attach("test"))
# Script entry point: attach to the "test" process and register the debugger.
if __name__ == "__main__":
    test()